URL: https://github.com/freeipa/freeipa/pull/5124 Author: rcritten Title: #5124: Remove entire /run/ipa/ccaches directory not just files Action: opened
PR body: """ Remove entire /run/ipa/ccaches directory not just files If there are any sub-directories in the ccaches directory then cleaning it up will fail. Instead remove the whole directory and allow systemd-tmpfiles to re-create it. https://pagure.io/freeipa/issue/8248 This seems rather strange, deleting the whole thing then re-creating it, but walking the directory deleting discrete files and directories just seems slower and is quite a bit more code. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5124/head:pr5124 git checkout pr5124
From 72f6f4ae7e2e860d956e0684e241469523c3311a Mon Sep 17 00:00:00 2001 From: Rob Crittenden <[email protected]> Date: Mon, 21 Sep 2020 17:35:41 -0400 Subject: [PATCH 1/3] Remove entire /run/ipa/ccaches directory not just files If there are any sub-directories in the ccaches directory then cleaning it up will fail. Instead remove the whole directory and allow systemd-tmpfiles to re-create it. https://pagure.io/freeipa/issue/8248 Signed-off-by: Rob Crittenden <[email protected]> --- ipaplatform/base/paths.py | 1 + ipaserver/install/httpinstance.py | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py index 6310869450..17f10e6b61 100644 --- a/ipaplatform/base/paths.py +++ b/ipaplatform/base/paths.py @@ -33,6 +33,7 @@ class BasePathNamespace: LS = "/bin/ls" SYSTEMCTL = "/bin/systemctl" SYSTEMD_DETECT_VIRT = "/usr/bin/systemd-detect-virt" + SYSTEMD_TMPFILES = "/usr/bin/systemd-tmpfiles" TAR = "/bin/tar" AUTOFS_LDAP_AUTH_CONF = "/etc/autofs_ldap_auth.conf" ETC_FEDORA_RELEASE = "/etc/fedora-release" diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index 0fcc370e5e..8be19e033c 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -26,6 +26,7 @@ import errno import shlex import pipes +import shutil import tempfile from augeas import Augeas @@ -172,8 +173,8 @@ def remove_httpd_ccaches(self): # Make sure that empty env is passed to avoid passing KRB5CCNAME from # current env ipautil.remove_file(paths.HTTP_CCACHE) - for f in os.listdir(paths.IPA_CCACHES): - os.remove(os.path.join(paths.IPA_CCACHES, f)) + shutil.rmtree(paths.IPA_CCACHES) + ipautil.run([paths.SYSTEMD_TMPFILES, '--create']) def __configure_http(self): self.update_httpd_service_ipa_conf() From 3ae9cfec2996c6f05297462d43eeb806c1a651cf Mon Sep 17 00:00:00 2001 From: Rob Crittenden <[email protected]> Date: Mon, 21 Sep 2020 18:08:41 -0400 Subject: [PATCH 2/3] Test that ccaches are cleaned up during installation Create a random file and directory in the ccaches directory prior to installation then confirm that they were removed. https://pagure.io/freeipa/issue/8248 Signed-off-by: Rob Crittenden <[email protected]> --- ipatests/test_integration/test_installation.py | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/ipatests/test_integration/test_installation.py b/ipatests/test_integration/test_installation.py index 9456b7f4b2..a82d4131c5 100644 --- a/ipatests/test_integration/test_installation.py +++ b/ipatests/test_integration/test_installation.py @@ -239,8 +239,23 @@ class TestInstallCA(IntegrationTest): @classmethod def install(cls, mh): + cls.master.put_file_contents( + os.path.join(paths.IPA_CCACHES, 'foo'), + 'somerandomstring' + ) + cls.master.run_command( + ['mkdir', os.path.join(paths.IPA_CCACHES, 'bar')] + ) tasks.install_master(cls.master, setup_dns=False) + def test_ccaches_cleanup(self): + """ + The IPA ccaches directory is cleaned up on install. Verify + that the file we created is now gone. + """ + assert os.path.exists(os.path.join(paths.IPA_CCACHES, 'foo')) is False + assert os.path.exists(os.path.join(paths.IPA_CCACHES, 'bar')) is False + def test_replica_ca_install_with_no_host_dns(self): """ Test for ipa-ca-install --no-host-dns on a replica From 598407a0703708fe8f31c85025303637e9380e5f Mon Sep 17 00:00:00 2001 From: Rob Crittenden <[email protected]> Date: Mon, 21 Sep 2020 18:10:07 -0400 Subject: [PATCH 3/3] Temp commit --- .freeipa-pr-ci.yaml | 2 +- ipatests/prci_definitions/temp_commit.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.freeipa-pr-ci.yaml b/.freeipa-pr-ci.yaml index abcf8c5b63..8065669008 120000 --- a/.freeipa-pr-ci.yaml +++ b/.freeipa-pr-ci.yaml @@ -1 +1 @@ -ipatests/prci_definitions/gating.yaml \ No newline at end of file +ipatests/prci_definitions/temp_commit.yaml \ No newline at end of file diff --git a/ipatests/prci_definitions/temp_commit.yaml b/ipatests/prci_definitions/temp_commit.yaml index ef2e4bfa90..6a23d17bc1 100644 --- a/ipatests/prci_definitions/temp_commit.yaml +++ b/ipatests/prci_definitions/temp_commit.yaml @@ -68,7 +68,7 @@ jobs: class: RunPytest args: build_url: '{fedora-latest/build_url}' - test_suite: test_integration/test_REPLACEME.py + test_suite: test_integration/test_installation.py::TestInstallCA::test_ccaches_cleanup template: *ci-master-latest timeout: 3600 topology: *master_1repl_1client
_______________________________________________ FreeIPA-devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
